26 Aug
2021
26 Aug
'21
3:01 a.m.
(Sorry for repost. Chris kindly informed me that my messages are empty.
I think it could be because GPG sig. Another attempt without it)
Hi all,
I am new to 44net and I haven't found much about DNS. I have the
following questions:
1. In order to get traffic routed through the 44 gateway, does a forward
or reverse DNS entry need to exist? Does it need to satisfy certain
format/conditions? (from a technical standpoint, existance of reverse
would make sense as it's done in SMTP servers, but I don't know how this
information is queried by the gateway).
2. I run my own bind (also accessible over 44net). I'd love to handle my
DNS entries on my own (not least because every request on the portal can
take well over a year to be answered, at least for me). Is it possible
to request classless in-add.arpa delegation (RFC2317) for my subnet?
3. If the ampr.org domain is used, are there any requirements on the
format/hierarchy? Can it be a subdomain <myname>.ampr.org? Or does it
need to be <callsign>.ampr.org? Can all entries and hierarchy under this
subdomain be freely chosen?
4. Is there any way in the portal to keep track of DNS related
requests/messages as it is for subnets? I am not sure any more if, when,
what and who I have asked about DNS and I want to avoid sending the
request again if it's still "pending".
Thanks,
Nick
26 Aug
26 Aug
3:20 a.m.
Hi Nick,
On 26 Aug 2021, at 08:01, Nick Hammler via 44Net
<44net(a)mailman.ampr.org> wrote:
(Sorry for repost. Chris kindly informed me that my messages are empty. I think it could
be because GPG sig. Another attempt without it)
Hi all,
I am new to 44net and I haven't found much about DNS. I have the following
questions:
1. In order to get traffic routed through the 44 gateway, does a forward or reverse DNS
entry need to exist?
You need a forward A record and reverse entry in ampr.org
Does it need to satisfy certain format/conditions?
(from a technical standpoint, existance of reverse would make sense as it's done in
SMTP servers, but I don't know how this information is queried by the gateway).
You just need to contact your coordinator and ask them to enter an A record for each host
you want to use on the IPIP mesh. Or feel free to contact me if you prefer.
2. I run my own bind (also accessible over 44net).
I'd love to handle my DNS entries on my own (not least because every request on the
portal can take well over a year to be answered, at least for me). Is it possible to
request classless in-add.arpa delegation (RFC2317) for my subnet?
I know sometimes responses from coordinators can be variable, but over a year? Bear in
mind everyone is a volunteer and responding to AMPRNet queries may not be top of the list,
but if you are having problems getting a response then drop me an email.
To answer your question: no, we don’t delegate DNS for IPIP mesh users, it is all handled
centrally.
3. If the ampr.org domain is used, are there any
requirements on the format/hierarchy? Can it be a subdomain <myname>.ampr.org? Or
does it need to be <callsign>.ampr.org? Can all entries and hierarchy under this
subdomain be freely chosen?
If you are using the IPIP mesh then you do need an A record in ampr.org for each host. The
preferred method is to use your callsign as a subdomain, then add one or more A records,
e.g. for me it might look like:
gw.g1fef.ampr.org
www.g1fef.ampr.org
etc.
Entries under your callsign subdomain can be chosen (mostly) freely, we may object to some
words, e.g. offensive words.
4. Is there any way in the portal to keep track of DNS
related requests/messages as it is for subnets? I am not sure any more if, when, what and
who I have asked about DNS and I want to avoid sending the request again if it's still
"pending".
Just contact me and I will handle your requests. If you are sending more than one or two,
please send them in the following format:
hostname (without ampr.org) ADD A <IP Address>
for example:
gw.g1fef ADD A 44.1.2.3
You can also request other RR types, e.g. MX records:
mail.g1fef ADD MX 10 mail.g1fef.ampr.org.
smtp.g1fef ADD CNAME mail.g1fef.ampr.org.
73,
Chris - G1FEF
Thanks,
Nick
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
3:41 a.m.
On 26 Aug 2021, at 08:34, Rob PE1CHL via 44Net
<44net(a)mailman.ampr.org> wrote:
On 8/26/21 9:20 AM, Chris Smith via 44Net wrote:
That has always been the case, as was handed down to me by Brian. In any case, we have
never used RFC2317 delegation as Nick asked about, not for any connection method, we’ve
only ever delegated /24 (or larger) prefixes for BGP announced subnets.
Chris
To answer your question: no, we don’t delegate
DNS for IPIP mesh users, it is all handled centrally.
Is that a new policy? I think in the past there was no relation between DNS
delegation and
the connection method? Rob
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
3:58 a.m.
On 8/26/21 9:41 AM, Chris Smith via 44Net wrote:
Ok but there are several delegations for IPIP-only connected subnets in the current
hosts file...
That is why I wondered if it was a new policy.
Rob
On 26 Aug
2021, at 08:34, Rob PE1CHL via 44Net <44net(a)mailman.ampr.org> wrote:
On 8/26/21 9:20 AM, Chris Smith via 44Net wrote:
That has always been the case, as was handed down to me by
Brian. In any case, we have never used RFC2317 delegation as Nick asked about, not for any
connection method, we’ve only ever delegated /24 (or larger) prefixes for BGP announced
subnets.
Chris
To answer your question: no, we don’t delegate
DNS for IPIP mesh users, it is all handled centrally.
Is that a new policy? I think in the past there was no relation between DNS
delegation and
the connection method?
4:05 a.m.
On 26 Aug 2021, at 08:58, Rob PE1CHL via 44Net
<44net(a)mailman.ampr.org> wrote:
On 8/26/21 9:41 AM, Chris Smith via 44Net wrote:
Ok but there are several delegations for IPIP-only connected subnets in the
current hosts file...
That is why I wondered if it was a new policy.
Historically I believe there were a small number for some of the larger subnets to
coordinators, but not to “end users”. The whole point of the current system is to protect
the IPIP mesh, the gateway only passes traffic that has an A record in the ampr.org domain
and matching reverse entry. Delegating reverse to everyone would break this.
Chris
On 26 Aug
2021, at 08:34, Rob PE1CHL via 44Net <44net(a)mailman.ampr.org> wrote:
On 8/26/21 9:20 AM, Chris Smith via 44Net wrote:
That has always been the case, as was handed down to me by
Brian. In any case, we have never used RFC2317 delegation as Nick asked about, not for any
connection method, we’ve only ever delegated /24 (or larger) prefixes for BGP announced
subnets.
Chris
To answer your question: no, we don’t delegate
DNS for IPIP mesh users, it is all handled centrally.
Is that a new policy? I think in the past there was no relation between DNS
delegation and
the connection method? 
7:31 a.m.
On Thu, 26 Aug 2021, Nick Hammler via 44Net wrote:
1. In order to get traffic routed through the 44
gateway, does a forward
or reverse DNS entry need to exist?
Yes, hosts must have DNS entries *and* be pingable; only when those
two conditions are met is tunneling performed---otherwise traffic
continues onwards into the Network Telescopic dataset only.
4. Is there any way in the portal to keep track of DNS
related
requests/messages as it is for subnets?
Theoretically, yes. But, like many other people, you've discovered
that emailing the 44net list generates rapid responses!
-Paul
997
days inactive
997
days old
6 comments
4 participants
participants (4)
-
Chris Smith -
Nick Hammler -
Paul Sladen -
Rob PE1CHL